Features Podcasts Family Video Comics Music Tech Science Books Film & TV Games ✚

@media screen and (max-width:400px){ body{ overflow-x:hidden; background:#ffffff !important; } #posts-loop *{ max-width:100% !important; } *{ max-width:320px; } #mobile_includes{ width:320px; margin-left:-16px; } #container{ padding-top:50px; } #cse-search-box { margin-right: 5px !important; } #dickbar { width:310px; } #metadataBox { overflow-x:hidden; } }

DNS as an attack vector

Cory Doctorow at 1:50 pm Sun, Aug 26, 2012

Here's a weird idea: stuffing Javascript into DNS to attack browsers. (via Hacker News)

digi_owl

So basically the issue is that if you fire up a web service that do DNS lookups for you (i’ll stick to nslookup or dig, thanks), said service may not bother to sanity check the response before mixing it with the result display template. I do wonder how much DNSSEC affects this.
- hassenpfeffer
  
  It’s whether the same exploit can be used in REVERSE DNS lookups that has the discovered concerned, as that would open practically any web server to badness. I think his secondary concern of SQL injections is interesting but less likely to cause any real mischief.
  - digi_owl
    
    The response would still have to hit a html engine somehow to be effective tho, right?
  - JM Ibanez
    
    How would it affect a web server? As far as I can tell, the worst that can happen is that you’d have a JavaScript scriptlet in your logs; if your log viewer doesn’t sanitize its inputs, yeah. But how would it open “practically any web server to badness”?
hassenpfeffer

JavaScript: is there ANY evil it can’t be used for?
- JM Ibanez
  
  That’s like complaining about C. Or web browsers. Or Java applets. Or Flash. Or your computer, for that matter.
  
  They’re all just a bunch of tools.
  - abstract_reg
    
    Hammer and nails, what terrible things will they do next?